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DETAILED ACTION 

1 . Claims 1 - 1 1 are pending. 

Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

3. Claims 1 - 8 are rejected under 35 U.S.C. 102(b) as being anticipated by Ozzie 
et al. U.S. Patent No. (5,664,099). 

4. As per claim 1 , Ozzie discloses assigning an identification code to said user and 
storing the assigned identification code at the authorization centre, assigning a symbol 
set selection algorithm to said user and storing the assigned symbol set selection 
algorithm at the authorization centre in association with the identification code of the 
user, wherein the symbol set selection algorithm being a list of instructions how a 
predetermined number of graphic symbols can be generated from a table of graphic 
symbols, wherein each graphic symbol is characterized by a predetermined number of 
dominant features and each dominant feature can take a number of values (Ozzie, Col. 
5 Lines 26 - 37), displaying for said user on said remote terminal a table of a 
predetermined number of randomly chosen different graphic symbols so that the user 
can apply the assigned symbol set algorithm for generating a predetermined number of 
generated symbols (Ozzie, Co. 4 Lines 49 - 67), forwarding said generated symbols to 
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said authorization centre; forwarding said user identification code from the remote 
terminal to the authorization centre; at the authorisation centre using the received 
identification code and reproducing said generated symbols by using the symbol 
selection algorithm associated with the identified user and comparing the locally 
reproduced response symbols with the ones received from the remote terminal, and 
providing access to said user only if the received and generated symbols being identical 
(Ozzie, Col. 7 Lines 6-19, Validity). 

5. As per claim 2, Ozzie discloses user identification code being also a 
predetermined number of said graphic symbols selectable from said displayed set of 
graphic symbols (Ozzie, Col. 5 Lines 24 - 32). 

6. As per claim 3, Ozzie discloses displaying step showing to said user on said 
remote terminal respective lists associated with each of said features, each list 
comprising in a consecutive order all variations of the feature concerned, and allowing 
for said user to select from said lists in association with every generated symbol (Ozzie, 
Co. 4 Lines 49 - 67). 

7. As per claim 4, Ozzie discloses features being the shape, the colour and a 
number written on each of said symbols (Ozzie, Figures 2A, 2B and 2C). 

8. As per claim 5, Ozzie discloses symbol set generating algorithm comprises 
selection criteria of features (Ozzie, Co. 4 Lines 49 - 67). 

9. As per claim 6, Ozzie discloses symbol set generating algorithm comprises 
selection and modification criteria of said features (Ozzie, Co. 4 Lines 49 - 67). 
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10. As per claim 7, Ozzie discloses the step of carrying out a transformation on said 
generated symbols to obtain a longer sequence of characters, defined as cryptographic 
key, before being forwarded from said remote terminal to said authorisation centre, and 
in said authorisation centre using the same transformation, and in said comparing step 
comparing said transformed versions of the generated and reproduced symbols (Ozzie, 
Col. 4 Lines 43 -48). 

11. As per claim 8, Ozzie discloses communication between said remote terminal 
■ and said authorisation centre the transmittal of the identification code and the 

identification of the user at the authorisation centre preceding said displaying step, and 
in said displaying step constructing said table of graphic symbols in the knowledge of 
said symbol set generating algorithm associated with the particular user so that said 
algorithm becomes always applicable (Ozzie, Col. 5 Lines 24 - 32). 



Claim Rejections - 35 USC § 103 

12. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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13. Claims 9-11 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Ozzie et al. U.S. Patent No. (5,664,099) in view of Patzer et al. U.S. Patent No. 
(6,732,270). 

14. As per claim 9, Ozzie teaches carrying out a transformation on said generated 
symbols to obtain a longer sequence of characters, defined as cryptographic key 
(Ozzie, Col. 4 Lines 43 - 48), but fails to teach before being forwarded from said remote 
terminal to said authorisation centre, using said cryptographic key for encrypting a 
message from said user to the authorisation centre, and in said authorisation centre 
using the same transformation to obtain said cryptographic key, and using said key to 
decrypt the forwarded information, and in said comparing step decrypting the received 
information, and the comparison is regarded positive when the decrypted information 
fulfils certain conditions known to the remote terminal and to the authorisation centre. 
However, in an analogous art Patzer teaches before being forwarded from said remote 
terminal to said authorisation centre, using said cryptographic key for encrypting a 
message from said user to the authorisation centre, and in said authorisation centre 
using the same transformation to obtain said cryptographic key, and using said key to 
decrypt the forwarded information, and in said comparing step decrypting the received 
information, and the comparison is regarded positive when the decrypted information 
fulfils certain conditions known to the remote terminal and to the authorisation centre 
(Patzer, Col. 4 Lines 46 - 55 and Claim 1). 

At the time the invention was made, it would have been obvious to a person of 
ordinary skill in the art to use Patzer's method to authenticate a network access server 
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to an authentication server with Ozzie's method for establishing a protected channel 
between a user and computer system because it offers the advantage of preventing 
unauthorized access to a system. 

15. As per claim 10, Ozzie a modified teaches step of carrying out a transformation 
on said generated symbols to obtain a longer sequence of characters, defined as 
cryptographic key and carrying out a still another transformation on said generated 
symbols to obtain a unique cryptographic algorithm (Ozzie, Col. 4 Lines 43 - 48), before 
being forwarded from said remote terminal to said authorisation centre, using said 
cryptographic key and said unique cryptographic algorithm for encrypting a message 
from said user to the authorisation centre, and in said authorisation centre using the 
same transformation to obtain said cryptographic key and said cryptographic algorithm, 
and using said key and said algorithm to decrypt the forwarded information, and in said 
comparing step decrypting the received information, and the comparison is regarded 
positive when the decrypted information fulfils certain conditions known to the remote 
terminal and to the authorisation centre (Patzer, Col. 4 Lines 46 - 55 and Claim 1). 

1 6. As per claim 1 1 , Ozzie as modified teaches the step of creating a digital 
fingerprint (message authentication code, MAC) from the message of the user with the 
help of a one way hash function, encrypting the digital fingerprint using the said 
cryptographic key and unique cryptographic algorithm, forwarding from said remote 
terminal to said authorisation centre the message and the encrypted digital fingerprint, 
in said authorisation centre creating a digital fingerprint (message authentication code, 
MAC) from the message received from the user and using the same transformation to. 
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obtain said cryptographic key and said cryptographic algorithm, and using said key and 
said algorithm to decrypt the digital fingerprint forwarded with the message and in said 
comparing step decrypting the received digital fingerprint and the comparison is 
regarded positive when the decrypted digital fingerprint and the digital fingerprint 
created in the authorisation centre are identical (Patzer, Col. 4 Lines 46 - 55 and Claim 

1). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Roderick Tolentino whose telephone number is (571) 
272-2661. The examiner can normally be reached on 8:00am - 5:30pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on (571) 272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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